How the Internet Works

This short workshop helps participants to understand how the internet is structured, and which journey information takes when traveling from the end user to the providers of information and vice versa. Participants will gain awareness of where the main digital safety risks are and how they look like for various scenarios.

Workshop Overview

Topic: Navigating the internet infrastructure and how information travels across it, with a look at possible digital safety risk points.


  • To understand how the internet is structured.
  • To be familiar with the journey that information takes in order to travel from the end user to the providers of information and vice versa.
  • To be aware of where the main digital safety risks are and how they look like for various scenarios.

Learning outcomes:

  • Assess different types of possible digital safety risk across the internet infrastructure.
  • Apply the knowledge to particular personal and professional contexts and scenarios.

General guidelines for trainers:

  • This workshop can be divided into 30-40 minute long sessions. Breaks are not included in the timeline; you can decide when to allocate them based on your context. Between sessions, you can add a short break or a quick energizer activity.
  • For group activities, divide participants into teams of 3-5 people. Please adapt times allocated to feedback and post-exercise discussions/debriefing based on the number of participants and size of groups. You can also encourage participants to assign various roles when working in groups. These roles can include Facilitator, Note-taker, Timekeeper, Presenter or Artist (if a visual presentation is required.)
  • For online workshops, we recommend sharing a timer on the screen during energizers and small group activities.
  • Whenever possible, adapt the workshop examples to the context of your audience.

Mode of delivery: online / in-person workshops

Workshop duration (without breaks): 1 hour, or 1 hour and 20 minutes if a review of the “Safety First!” Workshop is needed.

Size of class: 6 to 24 participants

Related workshops: this workshop can also be combined with “Safety First: Basics of preventive digital safety”

Related Exposing the Invisible guide:

Workshop activities and templates, to download:

Learning Activities

Opening (15 minutes)

Workshop introduction

Read Watch Listen | 5 minutes

Instructions for trainer

  • Grab attention by posing a question or commenting on a relevant topic, image, etc.

  • Introduce yourself and the goals of the workshop.

  • Optional: Introduce the source of the workshop material (Tactical Tech.)

  • Inform participants of the workshop agenda.

  • Suggest ground rules for the workshop: how you expect participants to act and react, respect each other, etc. Depending on the time you spend with the workshop participants, if you are running a longer training you could also consider working on a commonly agreed Code of Conduct or shared agreement (see some tips in the "Shared Agreements" section of Tactical Tech's Gender and Tech curriculum guide.)

Participants' Introductions / Icebreaker

Produce | 10 minutes

NOTE: If this workshop is provided as a continuation to the "Safety First!" workshop with the same group, this part is not needed.


  • Make a quick round of introductions by asking participants to answer to a couple of questions about themselves, their work, their workshop expectations, etc.

  • Alternatively, you can pick an icebreaker exercise that encourages participants to get creative by drawing answers or ideas on an online whiteboard or, if off-line, stand up and perform some tasks. Check the Icebreakers section in the ETI Facilitator's Guide for inspiration.

[Optional] Safety First! review (10 minutes)

NOTE: this section can be added if your audience has not attended the “Safety First!” workshop or any other basic digital safety training before.


Read Watch Listen | 10 minutes

Quick knowledge check at the beginning covering the main principles, mindsets of the “Safety First!” Workshop.


Ask several open questions to participants to get a sense of their current understanding of how the internet works. Examples of such questions:

  • What do you need to protect yourselves against when using the internet?
  • How do you choose your digital communication tools?
  • Do you use VPNs? If so, why?

Comment on their answers and highlight important points from the “Safety First!” Workshop, such as:

  • the importance of assessing our risks in our own context,
  • understanding why we choose tools is as important as the tools themselves,
  • our behaviour can often protect us more than digital security tools do,
  • what VPNs may protect us against.

How the Internet is Structured (20 minutes)

Arrange the Internet Infrastructure

Read Watch Listen| 20 minutes



  • Divide participants into small groups of 2-5 members.

  • Present each group with their digital cards randomly uploaded to an online board of your choice (each group receives a shared board space), or with a collection of physical cards (if offline) randomly placed on a table.

  • [10 minutes] Participants discuss in their groups how information travels across the internet and try to organise the cards based on a scenario, for instance: *“Ana needs to open the ‘xyz’ news page on her computer. How does Ana's request to reach the website travel from her computer’s browser to the website? - Arrange the internet infrastructure elements in the order that allows Ana to fulfil this search”.

NOTE: if running this activity in-person with physical cards, you can ask participants to stand up, each person takes one card and they arrange themselves in the physical space corresponding to the manner in which data travels. For example the person with the "computer" card should be first in line, the person with the "wifi" card should be next... the person with the "Website parent company" should be the last.

[8-10 minutes] Debriefing

  • Once the time is up, ask each group to present their internet infrastructure and information flow and say where they encountered challenges and why, what they did not know.

  • If you run the activity in-person with participants standing up, ask each person with a card to describe their function, why they placed themselves in that order, then move on to the next person.

  • Demonstrate the "right" order and talk about how the information travels across internet infrastructure. You can illustrate this by using the "How the internet works" - supporting schemes for the cards exercise and post-exercise discussion

[Optional] How VPNs Work (10 minutes)

Arrange the Internet Infrastructure with VPN

Read Watch Listen| 10 minutes



  • Divide participants into the same groups in the earlier exercise.

  • [5 minutes] Participants discuss in their groups how VPNs work and where they sit in the component diagram

[5 minutes] Debriefing

Digital Safety Risks (20 minutes)

Explain Digital Safety

Read Watch Listen | 20 minutes


  • Explain that digital safety and privacy vulnerabilities are at every step of the information flow.

  • Divide the participants into groups of 2-5 members (random or same groups as before), and assign one of the following scenarios to each group:

    • when doing regular searches with no basic or advanced privacy or security measures in place;
    • when using Tor browser;
    • when using a virtual private network (VPN);
    • when using both Tor and VPN, etc.
  • [10 minutes] Ask each group to think of the main digital safety risks based on their assigned scenario, adding these risks to a digital board / shared file (if online) or on a sheet of paper (if offline).


  • Have an open discussion about the measures that can be set in place in order to avoid some of the risks, such stolen passwords or intercepted files and communications, risk of exposure through search patterns, etc.

  • Explain that not all risks are possible to avoid ultimately, it also depends on one's adversaries and context.

Closure (10 minutes)

Wrap-up Activity: Takeaway Poster

Produce | 5 minutes


  • Shared drawing pad / slide / whiteboard (online)
  • Whiteboard / flip-chart paper, post-its, markers (offline)


  • Ask participants to create a takeaway poster by sharing their answers to the following question in the shared whiteboard / drawing board:

    • What are your main takeaways from today's workshop?
  • Give participants a few minutes to write and/or draw their thoughts and read the thoughts of others.


  • Highlight some of the points on the board.

Read Watch Listen | 5 minutes

Tools/Materials: No materials needed.


  • Wrap up the workshop and sum up its contents.

  • Run a quick review of the session. Each participants would say:

    • one thing they found very good about the session and
    • one thing they would improve for the next time
  • You can encourage participants to ask questions or give some final tips.

  • Share contact information if relevant and any follow-up details.

Contact Us

Please reach out to us at Exposing the Invisible if you:

  • have any questions about this workshop plan and facilitation guidelines,

  • use this workshop plan and want to share feedback and suggestions that can help to improve them,

  • adapt the workshop plan to a specific context and want to share the results with us,

  • want to suggest new activities, tips or examples that can be added to this workshop,

  • want to share your expertise and collaborate with us on developing and testing new workshops.

Contact: (GPG Key / fingerprint: BD30 C622 D030 FCF1 38EC C26D DD04 627E 1411 0C02).

Credits and Licensing

CC BY-SA 4.0

This content is produced by Tactical Tech's Exposing the Invisible project, and licensed under a Creative Commons Attribution-ShareAlike 4.0 International license

  • Workshop authors: A. Hayder, Wael Eskandar

  • Instructional design: A. Hayder

  • Editorial and content: Christy Lange, Laura Ranca, Wael Eskandar

  • Graphic design: Yiorgos Bagakis

  • Website development: Laurent Dellere, Saqib Sohail

  • Project coordination and supervision: Christy Lange, Laura Ranca, Lieke Ploeger, Marek Tuszynski, Safa Ghnaim, Wael Eskandar

This resource has been developed as part of the Collaborative and Investigative Journalism Initiative (CIJI) co-funded by the European Commission under the Pilot Project: "Supporting investigative journalism and media freedom in the EU" (DG CONNECT).

This text reflects the author’s view and the Commission is not responsible for any use that may be made of the information it contains.

More about this topic